Adversary emulation @scythe_io. Public Speaker. USMC vet. Writing about threat intel, detection engineering, and what actually works. Thoughts are my own.
The choreography gets the headlines. The entry point is password spraying.
Rob Joyce (@RGB_Lights), Owner at Joyce Cyber and former Cybersecurity Director at the NSA, and Trey Bilbrey (@TCraf7) on Iran's hack-and-leak playbook. The mundane stuff is what gets them in. See more of our upcoming live sessions: https://t.co/fCwL6C9TLM
#ThreatEmulation
Huge thank you to everyone who came out to @BSidesTampa this weekend.
I had an absolute blast delivering both a hands-on workshop with my good buddy Tyler Casey and the opening keynote! The conversations, questions, and energy from the community were incredible.
Really appreciate everyone who spent part of their weekend volunteering, sharing ideas, and talking shop with us. Looking forward to the next one.
Four SCYTHE sessions live in June. Bring your questions.
📅 June 5 | 1 PM ET - Train Like You Fight
Bryson Bort (@brysonbort) + Snehal Antani (@snehalantani) on the wartime mindset for modern defenders.
https://t.co/0npL6SciJ9
📅 June 11 | 12 PM ET -- Protected Data Exfiltration
Tyler Casey + Trey Bilbrey (@TCraf7) on moving sensitive data past controls, and what catches it.
https://t.co/3heKZnnBZq
📅 June 25 | 12 PM ET -- ChillyHell macOS Backdoor
Bilbrey, Pemberton, Casey on macOS backdoor behavior + detection coverage that actually holds.
https://t.co/bAgaPJpPPG
📅 June 30 | 3:50 PM ET -- Oops, That Was AI
Bryson Bort (@brysonbort) + Erich Kron (@ErichKron) on AI-augmented social engineering, defender side.
https://t.co/YvzDNovRoz
If you've only read about these, come watch them run.
https://t.co/gNVUZDSVkS
#ThreatEmulation
Tomorrow, May 7 at 3:00 PM ET, @brysonbort sits down with Rob Joyce (@RGB_Lights), Owner at Joyce Cyber and former Cybersecurity Director at the NSA, and Trey Bilbrey (@TCraf7) for Threat Brief LIVE: Iran, Hot TTPs and State of the Threat 🦄
They'll cover Iran's current cyber posture, the active groups worth tracking, recent hits on prominent organizations, and what specific exposure looks like for US companies and critical infrastructure operators.
Register here: https://t.co/voamMlHqAl
#ThreatEmulation
#ICSecurity
Seeing a lot of AI in your network?
All traffic provides the ocean for hackers to swim in your network and blend into the waves.
They are there, you’re just not seeing them.
Notepad++ is the software that got the headlines, but it was AI usage it abused.
1/7
I made a cool infographic to describe the PTEF (https://t.co/dPPhMUV60N) and what it provides. Thought it would be nice to put out there for those interested in getting into Purple Teaming. It's also worth giving it a gander if you're thinking about how you can start updating and testing against the new MITRE ATT&CK update to v19 (https://t.co/Ne4wPDIzmg).
#PurpleTeaming #Infosec
So here’s the real question: Have you tested yours lately?
I'm curious where other teams are leaning..
If you had to pick right now:
What are you more worried about right now?
A) Supply chain compromise
B) Missed exploitation
C) The magical AI overlords doing all the things..
🧵 (8/8)
Patch fast and risk a supply chain compromise.
OR
Patch slow and leave the door open for exploitation.
That’s the reality right now and there’s no clean answer.
🧵 (1/8)
#BlueTeam #CyberSecurity #CyberThreats
The best teams don’t just blindly trust their detections. They test them.
Frequently.
(BTW) My good buddy Tyler did a presentation during @scythe_io #Unicon2026 on this very thing a little while back that is worth checking out: https://t.co/TKTXIrSW4Z
🧵 (7/8)
Hey guys..
If you missed my presentation on @RedTeamVillage_ at @defcon 33 last year!..
That is your opportunity!!..
We had a great event called RTV Overflow..and I did the same presentation to you guys!..
Check the link in the comment below..and I hope to see you at DEF CON 33 this year!..
#RTV #RedTeamVillage #offensivesecurity #DEFCON33 #redteam #Redteamvillage #Malwareexploitation #pdfmalicious
Iranian threat actors are active and their tooling is showing up in campaigns against US critical infrastructure right now. On May 7th at 3PM ET, Bryson Bort (@brysonbort) sits down with Rob Joyce (@RGB_Lights), Owner at Joyce Cyber and former Cybersecurity Director at the NSA, and Trey Bilbrey (@TCraf7) for the first-ever Threat Brief LIVE: Iran, Hot TTPs & State of the Threat.
They'll break down Iran's current cyber posture, the active groups you should have on your radar, recent hits on prominent organizations, and what specific exposure looks like for US companies and critical infrastructure operators.
Register here: https://t.co/RxJS1zbAPf
#ThreatBriefLIVE
#ThreatEmulation
#ThreatIntelligence